Posts

data breach compensation
, ,

How has the British Airways data breach hurt passengers?

At Hayes Connor Solicitors, we’re helping victims of the British Airways data breach to claim compensation after their personal information was put at risk by the airline. An organisation they trusted to look after it.

But all too often, we hear accusations that the people trying to recover from the BA data breach are “trying to get something for nothing”.

However, data privacy breaches can have a severe and often lasting impact on those affected. As such, we believe it is vital that organisations like BA are held to account for their failure to protect our personal information.

Brand loyalty is all well and good, but it’s vital that we don’t put the needs of big companies above the rights of customers.

Here’s why we believe it’s essential that people are able to hold businesses like BA to account.

The financial impact of cybercrime can be very harmful

Cybercrime can result in financial fraud and identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Despite claims from BA that it had not received reports of fraud resulting from the attack on its systems, in November last year it was reported that Russian hackers might have made millions selling credit card details stolen from BA customers.

And, even if nothing has been done with that information as yet, it doesn’t mean the stolen data is safe.

Working exclusively on data breach and cybercrime cases, it has become clear to our solicitors that the impact and losses people sustain following a data privacy violation are not always immediately apparent. Indeed, in the Ticketmaster data breach, we are starting to see cases where the impact only became clear months later. This is often because data stolen is used in batches over time.

To date, 63% of all the clients we took on in the Ticketmaster data breach case suffered multiple fraudulent transactions on their payment cards.

So, as yet it’s impossible to say how many people have been impacted by the BA data breach, and to what extent.

Certainly, according to an article in The Metro, at least one BA customer is reported to have suffered fraudulent activity on their credit card, which was used to book a BA flight during the time the data was at risk.

Your mental health matters

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

Being the victim of a crime can have a sizable and lasting impact on you mentally and physically. Everyone copes differently, but for some the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. Some data breach victims become paranoid and oversensitive about their personal privacy and can go on to develop depression.

Thankfully, over the last few years, people are waking up to the reality of mental health, and there is a greater awareness about the lasting effects of physiological suffering and anguish.

For example, following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen. And, like the financial losses, often the full impact wasn’t felt until much later.

“The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Victim Support

Despite this, the emotional impact of data breaches is still not being taken seriously by those organisations we trust to look after our sensitive information. And we believe this to be true in this case.

Following the BA data breach, the airline said that compensation claims would be discussed on an ‘individual basis’. However, it is not up to the airline to dictate the terms of any compensation payments. And it is certainly not clear how (or indeed if) BA intended to evaluate the emotional impact the data breach had on its customers.

“As a result of increased volumes of data breach incidents, lawyers and experts are using their respective skills to assess the psychological and social consequences, symptoms and ‘injuries’ in reliable and valid ways. Structured interviewing, psychometric assessment and perusal of medical and occupational records are all part of this process”.

Professor Hugh C. H. Koch visiting professor in law and psychology at Birmingham City University School of Law and clinical psychologist

Loyalty works both ways

Should a data breach happen, we would expect the organisation in question to do everything in its power to keep its customers safe and prevent further damage. But this doesn’t seem to be the case following the BA data breach.

Some customers have complained that they have not been contacted by British Airways about the data breach, despite having seen fraudulent activity on their payment cards. Others have complained about BA advising customers to go to their bank for advice, rather than issuing its own instructions to help travellers stay protected.

 Speaking to The Telegraph, one BA customer said: “I saw the tweet, that was the first I knew of it.” He added: “I’ve not heard anything from them on this and I’ve just had to cancel the card I used. They’re a shambles.”

Another customer said she had been left vulnerable after being forced to cancel her bank card while travelling alone in the middle of Vietnam. She tweeted that she was “furious” with the airline and that she only found out about the data breach from news; before BA had the decency to her that she was likely affected.

She went on to tweet: “All companies have problems, some of them will affect their customers. That is a simple fact of business. How the company reacts, communicates & cares, is everything.

“British Airways are failing badly on this. I can’t even get a team manager in their call centre to call me.”

 While another BA customer told the BBC: “I have six cards linked to my BA account. I have no idea how much of my data information has been stolen. I will have to go to each of my credit card providers, cancel the cards, and all the direct debits, etc., related to those cards. This will take a long time, something I have to do with no help from BA”.

 Make a British Airways compensation claim with Hayes Connor Solicitors

At Hayes Connor, we want to reduce the number of data violations taking place across the UK.

To do this, we are helping to raise awareness of data breaches and cybercrime, and educating people and businesses to prevent similar infringements from happening. For more advice on how to keep your data safe, follow us on Twitter and Facebook.

But, where a breach has already occurred, it’s vital that you can recover your losses. We could be talking about one of the most severe data breach cases to hit the UK, so it’s critical that people can get the help they need.

To join our British Airways data breach group action compensation claim, you will need to register with us. We’ll let you know what is happening in this case and if and when you can make a BA data breach compensation claim.

 REGISTER NOW

breach compensation
, ,

Making a compensation claim helps to address the real-life impact of data breaches

At Hayes Connor Solicitors, we help our clients to make compensation claims after their data has been put at risk by the organisations they trust to look after it.

In some cases, these data breaches are massive news stories following hacks against the likes of Ticketmaster, Equifax and British Airways. But, every day, we also help people come to terms with smaller data breaches that have a severe and often lasting impact on them.

But, although we believe that these organisations must be held to account for their failure to protect our personal information, all too often people who make a data breach claim are accused of “trying to get something for nothing”. So let’s set the record straight.

The impact of cybercrime can be devastating

Cybercrime can result in both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Following last year’s Ticketmaster data breach, 63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards.

Worryingly, getting your money back following a scam is not always easy. For example, in a recent example of takeover fraud, a customer of the Royal Bank of Scotland (RBS) had more than £4,300 stolen from her account despite the fraudulent caller answering one of her security questions incorrectly. Despite the failure in their processes, the bank maintained that the customer was aware of the transaction and refused to refund her. Find out more about this case.

Claiming for distress isn’t an overreaction

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

A personal data breach is a 21st-century version of being burgled. If a criminal came into your home and stole your private information, you would be distressed. So why should you feel any less upset at having your online data taken?

Following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

Being the victim of a crime can have a significant impact on you mentally and physically. Of course, everyone reacts differently, but for some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. So being told to just “get over it” isn’t helpful.

According to Victim Support: “The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Even smaller data breach cases can have a huge impact. For example, in a recent case, our solicitors saw the impact of what can happen when sensitive information was sent to the wrong address by mistake.

Thankfully, over the last few years, people are waking up to the reality of mental health and there is a greater awareness about the lasting effects of psychological suffering and anguish. Crucially, the law agrees and recognises the amount of damage that can be caused by having your information stolen.

Holding organisations to account could be the only way to ensure they take your security seriously

The sheer scale of the information we share with organisations is enough to leave us all open to the threat of fraud, anxiety and stress. So it’s no surprise that we are worried about what could happen if this data gets into the wrong hands. As such, something has to be done to make companies accountable for any harm done.

Cybercriminals are becoming more and more sophisticated. But this doesn’t let these organisations off the hook. If they have done everything in their power to protect your data and have robust security processes and procedures in place, it is unlikely that a claim would be successful. In fact, this is why we usually wait for the results of an investigation by the ICO before starting a claim.

But the reality is that in most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, the only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements is by hurting their bottom line.

The real-life impact of data breaches

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

libel
,

Online defamation and libel: know your rights

Defamation is a bit of a hot topic at the moment. Earlier this year, writer and food blogger Jack Monroe won a libel action against Katie Hopkins, and was awarded £24,000 damages, for tweets which suggested that Monroe approved of defacing a war memorial during an anti-austerity demonstration in Whitehall. As a result of the fine, Hopkins had to apply for an insolvency agreement to avoid bankruptcy. Libel is a form of defamation.

Other instances where defamation has been brought into the public eye include where high-profile celebrities or businesspeople have brought an injunction to prevent the publication of material that would be damaging to their reputation (so-called gagging orders).

If you have been the victim of online defamation, it’s vital that you know your rights and what you can do to protect your reputation and achieve redress.

What is defamation?

Defamation is an all-encompassing term that covers any statement that damages someone’s reputation.

A defamatory statement can be made in:

  • Verbal form. This is classed as slander because only the spoken word is involved. Slander can be difficult to prove
  • Written form. This is classed as libel. A case for libel is easier to bring because evidence can be documented.

Defamation makes an ordinary person modify their opinions of another person as a direct result of hearing or reading the statement. Under UK law it is possible to defame businesses as well as individuals. A person that has suffered a defamatory statement can sue the person that made the statement under defamation law.

What is libel?

Online defamation tends to involve libel. You could accuse someone of libel against you if they:

  • Sent an email, or an email attachment defaming you, where that email is widely posted or forwarded
  • Made defamatory material available via a web page
  • Posted defamatory material to an email list or newsgroup
  • Streamed defamatory audio or video.

Anyone who actively transmits defamatory material may also be liable as part of any legal action.

What about freedom of expression?

It is accepted in a democratic society that individuals have a right to express their views and preferences. The internet offers great potential to do this.

Defamation is an abuse of this freedom of expression; where untrue statements may have a harmful impact on a person’s reputation.

It is critical to ensure that unfounded claims should not be allowed to damage a person’s reputation, but it is also vital for the law to balance such protections with the rights to freedom of expression. As such, the issue of defamation has become a much contested topic.

Of course, there is a balance to be had between one person’s right to protect their good name and another person’s freedom of speech. However, if someone has made an untrue statement about you, which was published on the internet, and which caused you injury, then you are entirely in your rights to sue for online defamation.

ticketmaster
, ,

The real-life impact of a large data breach

At Hayes Connor Solicitors, we’re helping victims of the Ticketmaster data breach to claim compensation after their data was put at risk.

But, some nine months after the breach, what are the real-life effects of the Ticketmaster data hack?

63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards.

Cybercrime can result in both financial and/or identity theft. And, in this case the majority of our clients have gone on to suffer fraudulent activity.

What can you do to protect yourself from fraud?

With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts. And, getting your money back is not always easy.

Here are a few steps to help protect your cards from being used by hackers:

  • If you are worried that your banking details have been exposed, contact your bank immediately and ask them to keep a close eye on your account
  • Request a new card from your bank
  • Beware of fraudsters who attempt to gather personal information (phishing)
  • Report any suspected phishing attempts to the police and relevant authorities
  • Look out for any bills or emails showing goods or services you haven’t ordered, or any unfamiliar transactions on your account and alert your bank or card provider immediately if there is any suspicious activity
  • Keep an eye on your credit score for any unexpected dips. Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name
  • Beware of any unsolicited communications that refer you to a web page asking for personal data
  • Register with a suitable fraud prevention service
  • Change your passwords on all your accounts
  • Never automatically save your card details online.

31% of all clients involved in this case suffered from distress and/or psychological trauma.

Following the Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

Being the victim of a crime can have a significant impact on a person mentally and physically. Everyone reacts differently, but for some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect their friends, family and job.

Thankfully, over the last few years, people are waking up to the reality of mental health and there is a greater awareness about the lasting effects of psychological suffering and anguish. Crucially, the law agrees and recognises the amount of damage that can be caused by having your information stolen.

Make a Ticketmaster compensation claim with Hayes Connor Solicitors

At Hayes Connor Solicitors, we are investigating the options available for customers of the Ticketmaster group.

As Ticketmaster has already admitted the breach and informed customers, those affected should already know if their data has been put at risk.

To ensure that you are fully informed on this matter complete your details and we will notify you about the investigation and your legal rights when making a claim.

REGISTER YOUR DETAILS TODAY.

BA data breach
, ,

What’s happening in the British Airways data breach group action?

Last year, almost 400,000 British Airways customers had their bank card details stolen in one of the most severe cyber-attacks in UK history. In response, our expert data breach solicitors are preparing to launch a British Airways data breach group action once the relevant investigations are complete.

What happened in this case?

British Airways has apologised after admitting that its customers’ details were stolen over a period of 15 days in a massive data breach. The attack put the personal and financial information of customers making bookings at risk. In total, about 380,000 transactions were affected.

We could be talking about one of the most serious data breach cases to hit the UK, so we quickly began to receive enquiries from concerned passengers.

Where are we up to?

We are currently preparing to launch a British Airways data breach group action. A group action is undoubtedly the best way forward for data breach claims of this nature. It allows people with the same type of claim to bring it together on a collective basis to strengthen their overall position and increase their chances of success.

We have also sent a ‘Letter of Claim’ to BA and their solicitors. This shows them that we are serious about pursuing potential litigation on behalf of our clients.

We have also met with other solicitors who are also pursuing claims against BA for the data breach. We believe that a joined-up approach with these solicitors will allow us to proceed on a similar footing with the other claimants, and maximise our chances of success.

Why claim against a victim of a cyber-attack?

It’s true that cybercriminals carried out a “sophisticated, malicious criminal attack” on the British Airways website.

But this doesn’t let BA off the hook. These hackers spent more than two weeks accessing data online before the hack was spotted and reported. This increases the risk substantially. So it’s unlikely that

BA did everything in its power to protect your data or had secure security processes and procedures in place.

The reality is that in most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, the only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements is by hurting their bottom line.

What should you do if you are worried?

For anyone worried that their data has been exposed by British Airways, you should:

  1. Determine what was stolen. To protect yourself as much as possible you need to know what kind of information was accessed in the data breach. British Airways should be able to advise you on this
  2. Contact your bank. If any financial information has been stolen, contact your bank or credit card provider immediately and explain that your account is at risk of fraud. As well as issuing a new card, the bank should be able to advise you if it detects suspicious activity on your account
  3. Change your passwords. If an online account (such as an email address) has been compromised, change the password right away. You should also change all other accounts that use the same password, and – if your email could be compromised – any accounts that could be accessed via your email. To keep you safe in the future, create a secure, unique password for each account (you might want to consider using a password manager to do this for you)
  4. Deploy additional security measures. If an app or website offers two-factor authentication to protect an account, use it
  5. Be vigilant. Beware of scammers using your stolen data against you. For example, don’t click on any links in emails asserting to be from your bank and always use the numbers they provide on their website if they ask to talk to you
  6. Sign up for a credit and/or identity-monitoring service. This will help you to monitor your financial accounts and sensitive personal information. Many organisations will offer such services free following a data breach but it’s important to check the small print. Be careful that in accepting any offer you are not giving away your rights to pursue a separate data breach compensation claim at a later date
  7. Keep a record. Make a list of all the accounts that could have been accessed and note down why you are concerned about them
  8. Inform the Information Commissioner’s Office (ICO) about your concerns. At present, the ICO is investigating the British Airways data breach. While it does not award compensation, if the ICO believes that the organisation in question broke the law, you can use this information in court to help prove your claim
  9. Contact Hayes Connor Solicitors ASAP. We’ll ensure that you are fully informed on this matter and will notify you about the investigation and your legal rights when making a claim.

To join our British Airways data breach group action compensation claim, you will need you to register with us. We’ll let you know what is happening in this case and if and when you can make a data breach compensation claim.

REGISTER NOW

bank details
, ,

Banks issue new cards after Ticketmaster data breach

Nine months after the Ticketmaster data breach, two high street banks are sending out replacement credit and debit cards for customers who might have been put at risk.

The Royal Bank of Scotland (RBS) and NatWest have written to some customers informing them that they will be issued with replacement cards following last year’s Ticketmaster breach.

The letters state that replacement cards are being sent to anyone who used their card at Ticketmaster, while noting that this is a precautionary measure and that in some cases there is no indication that their information has been accessed.

What happened in the Ticketmaster data breach?

The hack hit around 40,000 people in the UK and compromised personal and financial information including customer names, addresses, email addresses, phone numbers, payment details and account login details. Some customers have already had their cards used by cybercriminals.

Find out more about the Ticketmaster data breach.

However, some customers of NatWest and RBS have taken to social media to complain about the way the incident has been handled.

Concerns include:

  • That this is the first time some customers have heard of the breach
  • Customers being unsure whether the letters are genuine
  • The length of time it has taken the banks to address this issue (banking start-up Monzo requested replacement Mastercards for all affected customers in April 2018).

How to protect your bank details from hackers

Following the Ticketmaster data breach, here are a few steps to help protect your cards from being used by hackers:

  • If you are worried that your banking details have been exposed, contact your bank immediately and ask them to keep a close eye on your account
  • Request a new card from your bank
  • Beware of fraudsters who attempt to gather personal information (phishing)
  • Report any suspected phishing attempts to the police and relevant authorities
  • Look out for any bills or emails showing goods or services you haven’t ordered, or any unfamiliar transactions on your account and alert your bank or card provider immediately if there is any suspicious activity
  • Keep an eye on your credit score for any unexpected dips. Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name
  • Beware of any unsolicited communications that refer you to a web page asking for personal data
  • Register with a suitable fraud prevention service
  • Change your passwords on all your accounts
  • Never automatically save your card details online.

Lessons learned

Obviously, RBS and NatWest are in no way responsible for the Ticketmaster data breach. But as such hacks become increasingly common, how banks react to protect their customers following such violations has never been more important.

Since the start of the Ticketmaster breach we’ve advised clients to request new cards from their bank. But it cannot just be left to victims of data theft to protect themselves. At Hayes Connor, we would argue that a speedier response is now needed and that this is something all credit and debit cards providers must address.

Make a Ticketmaster compensation claim with Hayes Connor Solicitors

At Hayes Connor we are already representing people who have been put at risk due to the Ticketmaster data hack.

IF YOU WISH TO BE A PART OF THIS CLAIM THEN REGISTER YOUR DETAILS TODAY.

data breach compensation

Who can make a data breach claim?

Data breach claims are on the rise, not least because more and more organisations are using our sensitive personal data without investing in the necessary security measures to keep it safe.

At Hayes Connor Solicitors, our data breach lawyers are committed to upholding the rights of consumers across the UK. And, as part of this responsibility, we aim to ensure that as many people as possible understand their rights when it comes to this evolving and often complicated area of law.

So, in the UK, who can make a data breach claim?

Anyone who has suffered damage or distress caused by an organisation breaching any part of the Data Protection Act (the UK’s interpretation of the GDPR), has the right to claim compensation following a data breach. Both individuals and companies can make a data breach claim for compensation.

But, to claim compensation you must be able to prove that you suffered as a result of the data protection breach. And you can claim for both damages and distress.

Until recently, while a person who suffered damage might have had their compensation increased to take into account any associated distress, in most cases compensation would not have been awarded for distress alone. The only exception to this is where information had been used for journalistic, artistic, or literary purposes. However, this is no longer the case.

Today, you can make a data breach claim for distress even if you have not lost out financially.

How should you start your data breach claim?

If you think that a company is not looking after your data as well as it should, you can make a subject access request. You can make a subject access request at any time. For example, many of our clients make subject access requests to start the compensation claim process following a data breach. Find out more about how to make a subject access request here.

You should also ask the ICO to assess an organisation if you think it is guilty of a breach. If you want to contact the ICO you can do this here.

If the ICO thinks that an organisation has not complied with its obligations, it can give advice and ask it to solve the problem. The ICO’s main aim is to improve the information rights practices of organisations, where there is an opportunity to do so. However, the ICO will not usually investigate concerns where there has been an undue delay in bringing it to its attention. So, you should raise your concerns with the ICO within three months of your last meaningful contact with the organisation concerned (when you discovered the data breach).

However, it’s important to understand that, while the ICO does have the power to impose hefty fines on organisations in breach of their duties, it does not award compensation. But if the ICO thinks that an organisation is guilty of a breach, you can then use this information to support a data protection compensation claim.

Appointing an expert data protection solicitor

If you have contacted the ICO about a potential breach, Hayes Connor Solicitors can start to investigate your claim. We will work with the ICO to gather as much evidence as possible to help our clients succeed. In some cases, we can start a data breach claim without you having first registered your concerns with the ICO, but we always recommend this as a first step.

If you want to find out more about claiming for a data breach you can contact us here.

takeover fraud

Bank customer loses thousands of pounds in takeover fraud

In the latest example of takeover fraud, a customer of the Royal Bank of Scotland (RBS) had more than £4,300 stolen from her account despite the fraudulent caller answering one of her security questions incorrectly.

What is takeover fraud?

Takeover fraud happens when a criminal uses another person’s account information (e.g. a credit card number) to buy products and services. Takeover fraud is also used by scammers to extract funds from a person’s bank account.

With more than 24,000 reported cases, takeover fraud increased by 7% last year with bank accounts the most popular target.[1]

What happened in this case?

According to a report by BBC Watchdog Live, the bank maintained that the customer was aware of the transaction and refused to refund her. To make matters worse, the Financial Ombudsman Service – which helps to sort out disputes between financial businesses and their customers – backed RBS after the initial complaint.

However, following a BBC investigation, was revealed that in a recording of the fraudulent phone conversation, a woman can be heard incorrectly answering a security question.

What’s more, a second transaction request made during the same phone call was refused after the caller was unable to answer additional security questions. This eventually led to a warning being raised against the account. The bank’s records also show that the fraudster failed the bank’s voice recognition checks and that the transaction was marked as a “potential account takeover”.

Despite this, a transaction of £4,318 was approved by the bank in a decision which it refused to reverse.

RBS has now apologised to the woman and issued her a full refund. However, it is unclear whether this would have happened without the Watchdog Live investigation.

Worryingly, the bank failed to consider the evidence in this case, including warnings raised by its security processes.

A new code of conduct

Since the con took place, most banks have signed up to a new code of conduct which provides an additional layer of protection to customer affected by bank scams. The new code is designed to minimise the number of financial cybercrimes by encouraging consumers to remain vigilant.

In essence, the new code means that a bank (or another financial provider) can only refuse to reimburse stolen funds where the customer has shown a very significant degree of carelessness. In this case, as the bank failed to heed the warning signs and the woman was in no way negligent, RBS would be liable for the subsequent loss.

Furthermore, under the new guidelines banks should not automatically blame the victims of increasingly sophisticated scams and must take a fairer approach to compensation. What this means is that you can be confident that any claim for reimbursement will be given fairer and quicker consideration.

The code is expected to be finalised next year.

Cybercriminals are becoming increasingly sophisticated

Online criminals are becoming increasingly sophisticated. And it’s not just lone hackers people should worry about. Today, cybercrime syndicates are evolving from existing criminal structures. And, as they strive to become as rich as possible, these criminals are sharing information and collaborating.

As such, banks must make sure that their processes are just as sophisticated and robust.

In this case, it was revealed that the woman’s phone line was diverted to a mobile number on the day of the call. This led to the bank to believe that they were speaking to her at her home address. However, if all the other security checks and processes had worked, the woman would not have been left without her funds for over a year.

Can you get help for takeover fraud?

If you have been the victim of a takeover scam and need help getting your money back, there is some good news.

As well as setting out a new industry code designed to minimise the number of scams by encouraging consumers to remain vigilant, the new industry protections will help victims to secure compensation.

If you need legal help following a takeover scam, Hayes Connor can help. Our professional, friendly team will be pleased to answer any questions you might have, and advise you on what to do next.

[1] Cifas

data breach claims

What is no-win, no-fee?

Access to professional legal advice is a fundamental right. That’s why it’s important that everyone can afford to make a data breach or cybercrime compensation claim should they need to.

Removing the financial risk, at Hayes Connor Solicitors, we provide our services on a no-win, no-fee basis to help our clients get the compensation they deserve. But what does this actually mean and are there really no costs if you appoint us?

What is no-win, no-fee?

A no win, no fee agreement is an arrangement between you and your solicitor. Also known as a Conditional Fee Agreement (CFA), if your claim is not successful, you won’t have to pay any money for the work carried out (as long as you adhere to the terms of our agreement).

No win, no fee agreements help people get the compensation they need following an incident that wasn’t their fault.

What if your claim is successful?

If your claim is successful (and that’s what we all want!), you might have to make a contribution to your solicitor’s costs. This ‘success fee’ is taken from the compensation awarded to you. The amount of the success fee depends on when your case is settled, but with us you’ll never have to pay more than 25% of your compensation. However in some cases, we are able to recover this cost from the other party. In such cases you won’t have to pay any costs – win or lose.

Your obligations under a no-win, no-fee agreement

You do have obligations under a CFA:

  • You must not mislead your solicitor
  • You must not fail to co-operate
  • You must act in accordance with the agreement and the advice given by your solicitor
  • Should you wish to terminate your claim, you will be responsible for all costs and disbursements incurred by your solicitor.

Can you afford the risk?

Well yes. Because if you lose you won’t have to pay a penny!

In most cases, the loser has to pay the winner’s costs and disbursements (other legal expenses such as court fees). But to protect you from these costs, we always take out insurance to insure against this risk on your behalf. This is called ‘After the Event’ insurance (ATE).

With ATE insurance, if you lose your case (including a group action case), any costs will be paid by the insurance provider. This means that if your claim is not successful, you won’t have to pay a penny.

MAKING A NO WIN, NO FEE CLAIM WITH HAYES CONNOR SOLICITORS

From the very first time you speak to us, you’ll find us helpful, friendly, and experienced. While each case is different, we can usually tell you straight away if you have a claim or not. Once you have confirmed that you want to proceed on a no-win no-fee basis, we’ll remove the hassle and take care of all the complex legal work for you. We always make sure you are fully informed about any potential costs before we proceed.

TO FIND OUT MORE, READ OUR STEP-BY-STEP GUIDE TO MAKING A DATA BREACH CLAIM.

hayes connor solicitors
,

2018 data hacks. What do you need to know?

Over the last 12 months, cyber-attacks and data breaches have rarely been out of the headlines. And, this is causing more and more of us to worry about what might happen if hackers manage to access our accounts and steal our valuable data.

The truth is, in a digital age, almost everything we do online needs a degree of trust. From buying a holiday to sharing on Facebook or checking our credit rating. But, all too often, the companies we are putting our faith in are letting us down. And, all too often we don’t know we are being hacked until it is too late.

Here are some of the most significant data leaks our expert data protection lawyers have been dealing with this year.

Ticketmaster

In June 2018, Ticketmaster UK identified malicious software on a customer support product hosted by an external third-party supplier.

Following the breach, Ticketmaster admitted that thousands of UK customer data had been accessed. This included a number of customers’ personal and financial details.

Find out more about the Ticketmaster data breach.

Equifax

The Equifax data breach might have started in 2017, but throughout 2018 we continued to be contacted by people worried that their data had been breached.

The second largest credit reference agency in the UK, Equifax is used by a wide range of companies. So, even people who were not Equifax customers discovered that the company held a wealth of information about them. Information which lenders use to assess whether to give credit cards, loans, mortgages etc.

As a result, up to 15 million British consumers were at risk of having their personal details stolen.

An ICO investigation, carried out in parallel with the Financial Conduct Authority, revealed multiple failures at the credit reference agency. And, as a result, Equifax has now been fined £500,000.

Find out more about the Equifax data breach.

British Airways

Initially, it was revealed that almost 400,000 British Airways customers had had their personal and bank/credit card details stolen in what was reported to be one of the most severe cyber-attacks in UK history.

Worryingly, it took over two weeks before the data breach was detected by the airline. In response, questions were asked as to whether poor systems have made this cyber-attack worse.

When investigating this case, a second data breach was also uncovered. In this instance, 77,000 people had their names, addresses, email addresses and detailed payment information taken. This included card numbers, expiry dates, and card verification value (CVV) numbers. And, a further 108,000 people had their personal details stolen.

Find out more about the BA data breach

Dixons Carphone

The Dixons (Carphone Warehouse) data breach took place in 2017 and resulted in 10 million customer records being accessed from Currys PC World and Dixons Travel stores. The details stolen by cyber criminals include names, addresses, phone numbers, dates of birth, and email addresses. All of which can be used by cybercriminals to commit further crimes. The hackers also got access to the records of 5.9 million payments cards (nearly all of which were protected by chip and pin).

Again, while this case took place in 2017, the ramifications have continued into this year.

Find out more about the Dixons Carphone data breach

Facebook

Earlier this year, a whistle-blower revealed how Facebook data was illegally harvested and used to influence the US Presidential election. The violation occurred after Cambridge Analytica targeted users with political messaging after obtaining data from the social media platform. Questions were raised over whether this data was also used to influence the outcome of the Brexit referendum.

To make matters worse for the social media giant, in addition to the Cambridge Analytica scandal, the platform was also hacked in September. In this instance, hackers stole digital login codes in what has been described as Facebook’s worst ever security breach.

Steps to follow after a data breach

With people everywhere now facing the threat of more regular security breaches, it’s vital that you know what to do should you become a victim of online data theft.

  • If you are worried that your banking details have been exposed, contact your bank immediately
  • Beware of fraudsters who attempt to gather personal information (phishing)
  • Report any suspected phasing attempts to the police and relevant authorities
  • Look out for any bills or emails showing goods or services you haven’t ordered, or any unfamiliar transactions on your account and alert your bank or card provider immediately if there is any suspicious activity
  • Keep an eye on your credit score for any unexpected dips. Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name
  • Beware of any unsolicited communications that refer you to a web page asking for personal data
  • Register with a suitable fraud prevention service
  • Change your passwords.
  • If you are offered any form of compensation or free services from the organisation that put your data at risk it’s important to check the small print. Be careful that in accepting any offer you are not giving away your rights to pursue a separate data breach compensation claim at a later date
  • If you decide you want to make a data breach claim, read our handy step-by-step guide. If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation
  • Inform the Information Commissioner’s Office (ICO) about your concerns. While it does not award compensation, if the ICO believes that the organisation in question broke the law, you can use this information in court to help prove your claim
  • Contact Hayes Connor Solicitors. Our expert, online fraud and data protection solicitors will advise you on whether you have a valid claim and will be pleased to answer any questions you might have. If you are not sure whether your information has been misused or mishandled, we can find this out for you. Our initial assessment is always free. We’ll ensure that you are fully informed on this matter and will notify you about the investigation and your legal rights when making a claim.